Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-8371

Blank pages in OAuth2 flows (Consent page - /device/user) - .html.js in the HTTP trace

    XMLWordPrintable

    Details

    • Rank:
      1|hzria7:
    • AM Sustaining Sprint 19, AM Sustaining Sprint 22

      Description

      Symptoms:

      In some contexts when you try to access the consent page or the .../device/user page in an OAuth2 flow you get a blank page; if you run a http trace you will see traces containing .html.js, such as:

      Request URL:http://lb.example.com/openam/XUI/templates/user/DeviceTemplate.html.js
      Request Method:GET
      Status Code:404 Not Found
      

      This happens when there is a LB/site with port 80 or 443 and for which the port is removed when trying to access the html file. This affects only 13.0.x as it is linked to the text.js file (located in /XUI/libs)

      To reproduce:

      Set OpenAM on port 8080: http://openam.example.com:8080/openam
      Create a OAuth2 provider
      Create a site on port 80: http://lb.example.com:80/openam
      Add the server to the site
      Access http://lb.example.com:80/openam/oauth2/device/user

      The result is a blank page; in the trace you can see the snippet above.

      Workaround:

      The issue is that the port 80 is stripped from the URL. You can fix it in one of the following ways:

      1) Make sure the URL always contains the port (fix at LB level)

      2) Modify the Base URL source for the realm (add the service to the realm) and select "Fixed value" then populate Fixed value base URL: with http://lb.example.com/openam (without the port). Configuring the load balancer to send X-Forwarded-Proto and X-Forwarded-Host headers would be another option.

      Drawback of this is that you will always have to access OpenAM through the load balancer and not through the server directly; it may not be an applicable/convenient solution.

      3) Modify the file .../XUI/libs/text.js and replace the line:

      defaultPort = hasLocation && (location.port || undefined),
      

      by

      defaultPort = hasLocation && (location.port ||  (defaultProtocol === 'https' ? '443' : '80')),
      

        Attachments

          Activity

            People

            peter.major Peter Major [X] (Inactive)
            nathalie.hoet Nathalie Hoet
            Alex Walker [X] Alex Walker [X] (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            8 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Time Tracking

                Estimated:
                Original Estimate - 4h
                4h
                Remaining:
                Time Spent - 1h Remaining Estimate - 1h
                1h
                Logged:
                Time Spent - 1h Remaining Estimate - 1h Time Not Required
                1h